Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/5BE68D46CF7611ED85A2E84EC4F9AE02.roa
File: 5BE68D46CF7611ED85A2E84EC4F9AE02.roa (raw, json)
Hash identifier: BrzgU3xBP3o4yvmKBY73knIezM/7VVkArIBxNO3bMEY=
Subject key identifier: 20:8B:A6:BA:B9:F7:C2:DC:C9:84:CD:BA:77:05:85:5C:96:94:A9:5C
Certificate issuer: /CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
Certificate serial: 05F7
Authority key identifier: E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
Authority info access: rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/5BE68D46CF7611ED85A2E84EC4F9AE02.roa
Signing time: Mon 21 Oct 2024 07:48:40 +0000
ROA not before: Mon 21 Oct 2024 07:48:40 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136907
IP address blocks: 189.1.192.0/18 maxlen: 18
189.1.192.0/20 maxlen: 20
189.1.208.0/20 maxlen: 20
189.1.224.0/20 maxlen: 20
189.1.240.0/20 maxlen: 20
189.28.96.0/19 maxlen: 19
189.28.96.0/20 maxlen: 20
189.28.112.0/20 maxlen: 20
190.92.192.0/19 maxlen: 19
190.92.194.0/24 maxlen: 24
190.92.224.0/19 maxlen: 19
190.92.248.0/24 maxlen: 24
190.92.249.0/24 maxlen: 24
190.92.250.0/24 maxlen: 24
190.92.251.0/24 maxlen: 24
190.92.252.0/24 maxlen: 24
190.92.253.0/24 maxlen: 24
190.92.254.0/24 maxlen: 24
201.77.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 22 Oct 2024 04:08:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1527 (0x5f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1
Validity
Not Before: Oct 21 07:48:40 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67160757-7807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:62:8d:ca:17:e3:ec:dd:44:b7:64:d8:cc:84:
90:81:7d:c4:44:bd:e0:07:c6:72:20:55:4f:75:45:
32:b5:d6:5c:44:ff:2b:af:eb:69:7e:9b:8a:57:f2:
0d:71:2f:d4:62:04:a3:ad:ff:57:da:0c:6e:37:c3:
87:9a:ad:29:5f:b2:d5:49:51:78:72:9b:cb:e3:fe:
12:81:c3:8a:85:b6:33:46:f7:82:3d:32:ba:43:c0:
79:ee:f3:5a:1a:3a:2f:22:1a:15:30:a7:e7:a9:c7:
b7:01:6f:b4:d4:ef:d9:4a:9d:9a:90:9d:f4:e0:26:
2a:f8:d6:e8:d8:0a:17:02:5e:46:20:4f:8c:6a:ee:
f4:3b:24:77:e0:9c:19:be:9a:29:82:f7:c0:95:00:
7c:b3:9c:c9:12:85:40:27:56:04:00:fd:07:9e:83:
04:9a:a4:e5:90:d2:0f:a8:70:14:7f:ef:51:7f:ba:
2c:f0:aa:8c:e5:63:33:d7:3b:9f:1d:17:42:19:77:
03:b7:42:28:4a:3d:34:d9:93:74:a1:e6:25:b0:69:
67:08:b3:44:10:41:58:c3:19:d8:89:cb:76:8b:d9:
c5:1b:0e:a9:c7:90:59:d8:ab:ac:c0:c8:ca:9d:96:
77:95:a1:03:52:86:d1:9e:27:87:94:79:ed:f5:66:
e8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8B:A6:BA:B9:F7:C2:DC:C9:84:CD:BA:77:05:85:5C:96:94:A9:5C
X509v3 Authority Key Identifier:
keyid:E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/5BE68D46CF7611ED85A2E84EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
189.1.192.0/18
189.28.96.0/19
190.92.192.0/18
201.77.32.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:7d:b7:21:12:8a:cc:27:f3:4f:81:dd:2f:23:47:9a:8a:42:
46:21:94:6e:68:30:0d:3d:76:10:b8:c9:fc:6f:24:c4:29:58:
da:3d:21:8d:00:17:b5:63:02:99:d4:fc:d7:76:8f:a5:44:e8:
72:e3:8b:9f:a9:6b:c6:8c:25:3c:ca:a7:84:5a:86:02:41:46:
2e:3c:90:51:52:6a:db:ed:19:13:02:54:8c:8c:da:5e:1b:b2:
12:c2:ff:f9:6a:6f:96:52:c5:be:23:e8:28:88:55:18:05:97:
17:6b:eb:ef:02:11:19:5a:da:97:bb:52:2e:39:a0:83:55:3a:
8b:0d:41:ea:1b:72:da:d1:6c:2c:8b:97:09:0f:6a:cf:8c:e8:
f9:21:73:51:60:df:b0:f4:0d:df:69:bf:40:03:95:eb:73:38:
2e:3e:1b:d6:53:44:48:19:0e:59:a0:6d:25:f2:17:6c:71:df:
8a:f5:e0:69:c1:41:e2:fc:e1:7b:f7:26:30:43:4a:fa:20:37:
fd:33:4f:d5:71:8b:ba:aa:12:f6:34:80:c1:37:3a:11:39:18:
69:0b:28:b8:5d:1a:d0:79:66:e5:f2:5f:c9:c2:05:b1:02:2e:
65:81:b0:8b:8e:78:57:57:cb:a3:10:39:a2:0b:cb:35:64:7b:
4a:c2:4d:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEUyNDNGM0JFODI1NTY5QkIxNkFDQjM3NEJDOThEQUJF
NjkwQjE3QzEwHhcNMjQxMDIxMDc0ODQwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE2MDc1Ny03ODA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwGKNyhfj7N1Et2TYzISQgX3ERL3gB8ZyIFVPdUUytdZcRP8rr+tpfpuKV/IN
cS/UYgSjrf9X2gxuN8OHmq0pX7LVSVF4cpvL4/4SgcOKhbYzRveCPTK6Q8B57vNa
GjovIhoVMKfnqce3AW+01O/ZSp2akJ304CYq+Nbo2AoXAl5GIE+Mau70OyR34JwZ
vpopgvfAlQB8s5zJEoVAJ1YEAP0HnoMEmqTlkNIPqHAUf+9Rf7os8KqM5WMz1zuf
HRdCGXcDt0IoSj002ZN0oeYlsGlnCLNEEEFYwxnYict2i9nFGw6px5BZ2KuswMjK
nZZ3laEDUobRnieHlHnt9WboYwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFCCLprq5
98LcyYTNuncFhVyWlKlcMB8GA1UdIwQYMBaAFOJD876CVWm7FqyzdLyY2r5pCxfB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CODk3QzU4MkEx
OUMxMUVCOTJBMkRGMjlDNEY5QUUwMi80a1B6dm9KVmFic1dyTE4wdkpqYXZta0xG
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0QTFCRUE2MUQ2NjExRTJCMkNEOEI3Qzcy
RkQxRkYyLzRrUHp2b0pWYWJzV3JMTjB2Smphdm1rTEY4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvQjg5N0M1ODJBMTlDMTFFQjkyQTJERjI5QzRGOUFFMDIvNUJFNjhENDZD
Rjc2MTFFRDg1QTJFODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAa9AcADBAW9HGADBAa+XMADBATJTSAwDQYJKoZIhvcNAQEL
BQADggEBAD99tyESiswn80+B3S8jR5qKQkYhlG5oMA09dhC4yfxvJMQpWNo9IY0A
F7VjApnU/Nd2j6VE6HLji5+pa8aMJTzKp4RahgJBRi48kFFSatvtGRMCVIyM2l4b
shLC//lqb5ZSxb4j6CiIVRgFlxdr6+8CERla2pe7Ui45oINVOosNQeobctrRbCyL
lwkPas+M6Pkhc1Fg37D0Dd9pv0ADletzOC4+G9ZTREgZDlmgbSXyF2xx34r14GnB
QeL84Xv3JjBDSvogN/0zT9Vxi7qqEvY0gME3OhE5GGkLKLhdGtB5ZuXyX8nCBbEC
LmWBsIuOeFdXy6MQOaILyzVke0rCTb8=
-----END CERTIFICATE-----
Generated at Tue Oct 22 05:40:33 2024 by rpki-client on console-fra.rpki-client.org